<?php

define('IN_DOUCO', true);

require (dirname(__FILE__) . '/include/init.php');

// rec操作项的初始化
$rec = $check->is_rec($_REQUEST['rec']) ? $_REQUEST['rec'] : 'default';

$smarty->assign('rec', $rec);
$smarty->assign('cur', 'user');
$smarty->assign('ur_here', $_LANG['user']);
$smarty->assign('userlist_link', array ('text' => $_LANG['user_list'],'href' => 'user.php')); 
$smarty->assign('useradd_link', array ('text' => $_LANG['user_add'],'href' => 'user.php?rec=add')); 
/**
 * +----------------------------------------------------------
 * 会员列表
 * +----------------------------------------------------------
 */
if ($rec == 'default') {
    $username = i('username','','request');
    $mobile   = i('mobile','','request');
    $group_id = i('group_id','','request');
    $isgag    = i('isgag','','request');
    $status   = i('status','','request');
    $where = " WHERE is_robot='0' ";
    if($username){
        $where .= " AND username LIKE '%$username%' "; $get = '&username=' . $username;
    } 
    if($mobile){
        $where .= " AND mobile LIKE '%$mobile%' "; $get = '&mobile=' . $mobile;
    }  
    if($group_id != ''){
        $where .= " AND group_id='$group_id' "; $get = '&group_id=' . $group_id;
    }    
    if($isgag){
        $where .= " AND isgag='$isgag' "; $get = '&isgag=' . $isgag;
    }   
    if($status){
        $where .= " AND status='$status' "; $get = '&status=' . $status;
    }   
    //分页
    $page = $check->is_number($_REQUEST['page']) ? $_REQUEST['page'] : 1;
    $page_url = 'user.php?1=1';
    $limit = $dou->pager('user', 25, $page, $page_url, $where, $get);
    $sql = "SELECT * FROM " . $dou->table('user') . " $where ORDER BY logintime DESC $limit";
    $res = $dou->get_all($sql);
    foreach ($res as $k=>$row) {
        $user_list[$k] = $row;
        $user_list[$k]['gag_log'] = $dou->get_row('SELECT * FROM '.$dou->table('user_log')."WHERE opt='add_gag' AND user_id='{$row['id']}' ORDER BY create_time DESC");
        $user_list[$k]['blacklist_log'] = $dou->get_row('SELECT * FROM '.$dou->table('user_log')."WHERE opt='add_blacklist' AND user_id='{$row['id']}' ORDER BY create_time DESC");
        $user_list[$k]['logintime']   = date("Y-m-d H:i:s", $row['logintime']);
    }
    // 赋值给模板
    $smarty->assign('user_list', $user_list);
    $smarty->display('user.htm');
} 

/**
 * +----------------------------------------------------------
 * 会员编辑
 * +----------------------------------------------------------
 */
elseif ($rec == 'edit') {
    $smarty->assign('ur_here', $_LANG['user']);
    $smarty->assign('action_link', array ('text' => $_LANG['user_list'],'href' => 'user.php' ));
    // 验证并获取合法的ID
    $id = $check->is_number($_REQUEST['id']) ? $_REQUEST['id'] : '';
    $user_info = $dou->get_row("SELECT * FROM ".$dou->table('user')." WHERE id='$id' ");
    // CSRF防御令牌生成
    $smarty->assign('token', $firewall->get_token());
    $smarty->assign('user_info', $user_info);
    $smarty->display('user.htm');
} 
elseif ($rec == 'update') {
    //$user_info = $dou->get_row("SELECT * FROM ".$dou->table('user')." WHERE id='$id' ");
    // CSRF防御令牌验证
    $firewall->check_token($_POST['token']);
    $sql = $dou->update_sql('user', array('group_id'=>$_POST['group_id'], 'isgag'=>$_POST['isgag'], 'status'=>$_POST['status']), "id='{$_POST['id']}'");
    $dou->query($sql);
    //操作记录
    $log_msg = $_LANG['user_edit'].': '.$_POST['username'];
    $dou->create_admin_log($log_msg);
    //更新在线用户信息
    updateUser($_POST['id']);
    $dou->dou_msg($_LANG['user_edit_succes'], 'user.php');
} 

/**
 * +----------------------------------------------------------
 * 会员删除
 * +----------------------------------------------------------
 */
elseif ($rec == 'del') {
    // 验证并获取合法的ID
    $id = $check->is_number($_REQUEST['id']) ? $_REQUEST['id'] : $dou->dou_msg($_LANG['illegal'], 'user.php');
    $username = $dou->get_one("SELECT username FROM " . $dou->table('user') . " WHERE id = '$id'");
    if (isset($_POST['confirm']) ? $_POST['confirm'] : '') {
        $dou->create_admin_log($_LANG['user_del'] . ': ' . $username);
        //删除在线用户列表列表
        delUser($id);
        $dou->delete($dou->table('user'), "id = $id", 'user.php');
    } else {
        $_LANG['del_check'] = preg_replace('/d%/Ums', $username, $_LANG['del_check']);
        $dou->dou_msg($_LANG['del_check'], 'user.php', '', '30', "user.php?rec=del&id=$id");
    }
} 

//批量操作选择
elseif ($rec == 'action') {
    if (is_array($_REQUEST['checkbox']) || $_REQUEST['checkbox']>0) {
        $_REQUEST['checkbox'] = is_string($_REQUEST['checkbox']) ? explode(',', $_REQUEST['checkbox']) : $_REQUEST['checkbox'];
        //禁言/恢复
        if ($_REQUEST['opt'] == 'add_gag' || $_REQUEST['opt'] == 'del_gag' || isset($_REQUEST['opt_add_gag']) ) {
            $isgag = $_REQUEST['opt']=='del_gag' ? '0':'1';
            $dou->update_all('user', $_REQUEST['checkbox'], 'id', "isgag='{$isgag}'");
            if($isgag == 1){
                $dou->update_all('user', $_REQUEST['checkbox'], 'id', "gag_time=gag_time+1");
                foreach($_REQUEST['checkbox'] as $v) add_userlog('add_gag',$v, "操作员:{$_SESSION[DOU_ID]['user_name']}(".date('Ymd H:i:s').")",$_SESSION[DOU_ID]['user_name']);
            } 
        }
        //拉黑/恢复
        if ($_REQUEST['opt'] == 'add_blacklist' || $_REQUEST['opt'] == 'del_blacklist' || isset($_REQUEST['opt_add_blacklist']) ) {
            $status = $_REQUEST['opt']=='del_blacklist' ? 'normal' : 'hidden';
            $dou->update_all('user', $_REQUEST['checkbox'], 'id', "status='{$status}'"); //屏蔽用户
            $dou->update_all('chatlog', $_REQUEST['checkbox'], 'user_id', "status='{$status}'"); //屏蔽用户关联消息
            if($status == 'hidden'){
                foreach($_REQUEST['checkbox'] as $v) add_userlog('add_blacklist',$v, "操作员:{$_SESSION[DOU_ID]['user_name']}(".date('Ymd H:i:s').")",$_SESSION[DOU_ID]['user_name']);
            }
            //推送
            push_hiddenUser(array('type'=>$status,'user_list'=>implode(',', $_REQUEST['checkbox'])));
        }
        //ip禁止/恢复
        if ($_REQUEST['opt'] == 'add_banip' || $_REQUEST['opt'] == 'del_banip' || isset($_REQUEST['opt_add_banip']) ) {
            $banip = $_REQUEST['opt']=='del_banip' ? '0' : '1';
            //$dou->update_all('user', $_REQUEST['checkbox'], 'id', "banip='{$banip}'");
            $ips = $dou->get_column("SELECT loginip FROM".$dou->table('user')." WHERE ".$dou->where_in($_REQUEST['checkbox'],'id'), 'loginip');
            $dou->update_all('user', $ips, 'loginip', "banip='{$banip}'");
        }
        //删除用户
        if ($_REQUEST['opt'] == 'del_all') {//批量删除
            $dou->delete_all('user', $_REQUEST['checkbox'], 'id');
        }
        header('Location:'.$_SERVER["HTTP_REFERER"]);
    } else {
        $dou->dou_msg($_LANG['record_select_empty']);
    }
}


/**
 * +----------------------------------------------------------
 * 其他设置
 * +----------------------------------------------------------
 */
elseif ($rec == 'config') {
    if(isset($_POST['submit'])){
        $dou->query($dou->update_sql('config', array('value'=>serialize($_POST['user_level'])), "name='user_level'") );
    }
    $user_level = $dou->get_one("SELECT value FROM " . $dou->table('config') . " WHERE name='user_level' LIMIT 1");
    $user_level = unserialize($user_level);
    $smarty->assign('user_level', $user_level);
    $smarty->display('user.htm');
}

?>